Utility SpotlightRunUpdates.cmd

Joshua Hoffman

Download the code for this article: RunUpdates.exe (160KB)

A great deal of time is often invested in determining the best ways to keep an infrastructure current, and rightfully so. In this month’s Utility Spotlight I take a look at a great way to make sure that desktops are as current as possible from the day they are deployed.

RunUpdates.cmd is a script that comes to us from Michael Murgolo, a Senior Consultant with Microsoft Consulting Services specializing in desktop deployment. RunUpdates.cmd provides an automated framework for integrating hotfixes and updates into an enterprise desktop image.

Traditionally, in order to integrate patches from Microsoft into a desktop build, the process would include downloading the updated executables (either from the Windows®Update Catalog or from the individual update Knowledge Base article or Security Bulletin) and creating a command shell script to run each update in turn with the correct switches for silent installation.

Figure 1 shows an example, processing only one update. Typically, many more are needed once a service pack has been out for some time. The entry consists of five lines: two that log to the console and to a file that execution has begun, one that actually executes the update, and two that log the return code. Manually adding these entries to a script, such as the one shown in the figure, is time consuming and error-prone.

Figure 1 Sample Update Code

Echo Installing MS05-014: Cumulative security update for Internet Explorer (KB867282)
Echo Installing MS05-014: Cumulative security update for Internet Explorer (KB867282) >> 
M:\Source\XPPro\SP2Hotfixes\WindowsXP-KB867282-x86-ENU.exe /passive /norestart >>
Echo Called M:\Source\XPPro\SP2Hotfixes\WindowsXP-KB867282-x86-ENU.exe, rc=%ERRORLEVEL%
Echo Called M:\Source\XPPro\SP2Hotfixes\WindowsXP-KB867282-x86-ENU.exe, rc=%ERRORLEVEL% >> 

RunUpdates.cmd is a command shell script designed to run all files with an .exe extension in a designated folder and all subfolders. It allows for the use of default command-line switches, but it also provides a way to define other switches for updates that may not use the designated default switches.

Download and copy updates to a build folder Any folder structure can be used to store the updates, with two exceptions. The path to the executable (C:\Source\XPPro\SP2Hotfixes\...) must not exceed the limits of MAX_PATH (it must be less than 260 characters, see Naming a File), and all patches in a single subfolder must use the same command-line switches.

Determining switches The latest Windows updates use the /passive /norestart switches, many older Windows patches use the /q /u /z switches, and many Microsoft® Internet Explorer updates use the /q:a /r:n switches. You can generally determine which switches are required by running the update with a /? parameter.

Updates that do not use the default switches RunUpdates.cmd requires a command-line parameter to specify the default switches to be used when running updates. To run any updates with different switches, create a command shell script called SwitchVar.cmd in the same folder as that update. The contents of this script should be a single line that sets the SWITCHES environment variable. For example, if an update requires the /q /r:n switches, the corresponding SwitchVar.cmd should contain the line:

set SWITCHES=/q /r:n

Adding and removing updates in the build process When patches need to be added or removed from the build process, the update must simply be added or removed from the patch folder tree. Since RunUpdates.cmd will run all executables in the folder tree, no script code needs to be modified to add or remove updates. The only time any script needs to be created is if the update does not use the default switches specified on the RunUpdates.cmd command line. In this case, a simple SwitchVar.cmd script is needed.

Full documentation of the proper usage and syntax for RunUpdates.cmd can be found in the accompanying download on the TechNet Magazine Web site.

RunUpdates.cmd will help ensure that your desktop deployments are always up-to-date, a great addition to any desktop engineer’s toolbox.

Joshua Hoffman is the Technical Editor for TechNet Magazine.

© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.